Original release date: March 11, 2016
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
-
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
-
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| cuore — ec-cube_help_plugin | SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2016-02-19 | 7.5 | CVE-2016-1154 |
| dell — sonicwall_analyzer | The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input. | 2016-02-17 | 9 | CVE-2016-2396 |
| google — chrome | Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors. | 2016-02-21 | 10 | CVE-2016-1629 |
| libreoffice — libreoffice | The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. | 2016-02-18 | 9.3 | CVE-2016-0794 |
| libreoffice — libreoffice | LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. | 2016-02-18 | 9.3 | CVE-2016-0795 |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka “Internet Explorer Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0069. | 2016-02-18 | 9.3 | CVE-2016-0068 |
| microsoft — internet_explorer | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka “Internet Explorer Elevation of Privilege Vulnerability,” a different vulnerability than CVE-2016-0068. | 2016-02-18 | 9.3 | CVE-2016-0069 |
| postgresql — postgresql | PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors. | 2016-02-17 | 9 | CVE-2016-0766 |
| sap — netweaver | Directory traversal vulnerability in the Manufacturing Integration and Intelligence (xMII) component in SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2230978. | 2016-02-16 | 7.8 | CVE-2016-2389 |
| sap — netweaver | SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. | 2016-02-16 | 7.5 | CVE-2016-2386 |
| zhuhai — raysharp_firmware | Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000. | 2016-02-18 | 10 | CVE-2015-8286 |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| basercms — basercms | baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 2016-02-19 | 6.5 | CVE-2015-7769 |
| cisco — ios | Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746. | 2016-02-15 | 6.1 | CVE-2016-1330 |
| cisco — universal_small_cell_firmware | Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature and obtain sensitive firmware-image and IP address data via a request to an unspecified Cisco server, aka Bug ID CSCut98082. | 2016-02-15 | 5 | CVE-2016-1321 |
| cisco — emergency_responder | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766. | 2016-02-15 | 4.3 | CVE-2016-1331 |
| cybozu — office | customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-2016-1153. | 2016-02-16 | 6.8 | CVE-2015-8489 |
| cybozu — office | Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users. | 2016-02-16 | 6.8 | CVE-2016-1151 |
| cybozu — office | customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489. | 2016-02-16 | 6.8 | CVE-2016-1153 |
| cybozu — office | Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | 2016-02-16 | 5.8 | CVE-2015-8483 |
| cybozu — office | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152. | 2016-02-16 | 5.5 | CVE-2015-8484 |
| cybozu — office | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152. | 2016-02-16 | 5.5 | CVE-2015-8485 |
| cybozu — office | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152. | 2016-02-16 | 5.5 | CVE-2015-8486 |
| cybozu — office | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions, and read or write to plan data, via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2015-8486. | 2016-02-16 | 5.5 | CVE-2016-1152 |
| cybozu — office | Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | 2016-02-16 | 4.3 | CVE-2015-7795 |
| cybozu — office | Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | 2016-02-16 | 4.3 | CVE-2015-7796 |
| cybozu — office | Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | 2016-02-16 | 4.3 | CVE-2015-7797 |
| cybozu — office | Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150. | 2016-02-16 | 4.3 | CVE-2015-7798 |
| cybozu — office | Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a different vulnerability than CVE-2015-8487. | 2016-02-16 | 4.3 | CVE-2015-8488 |
| cybozu — office | Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150. | 2016-02-16 | 4.3 | CVE-2016-1149 |
| cybozu — office | Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1149. | 2016-02-16 | 4.3 | CVE-2016-1150 |
| gnu — glibc | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing “dual A/AAAA DNS queries” and the libnss_dns.so.2 NSS module. | 2016-02-18 | 6.8 | CVE-2015-7547 |
| google — chrome | pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions. | 2016-02-21 | 6.8 | CVE-2016-1628 |
| ibm — financial_transaction_manager | IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs. | 2016-02-15 | 4 | CVE-2016-0231 |
| nginx — nginx | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | 2016-02-15 | 5 | CVE-2016-0742 |
| phpmyadmin — phpmyadmin | The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach. | 2016-02-19 | 5 | CVE-2016-1927 |
| phpmyadmin — phpmyadmin | phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. | 2016-02-19 | 5 | CVE-2016-2038 |
| phpmyadmin — phpmyadmin | libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value. | 2016-02-19 | 5 | CVE-2016-2039 |
| phpmyadmin — phpmyadmin | libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences. | 2016-02-19 | 5 | CVE-2016-2041 |
| phpmyadmin — phpmyadmin | phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message. | 2016-02-19 | 5 | CVE-2016-2042 |
| phpmyadmin — phpmyadmin | libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. | 2016-02-19 | 5 | CVE-2016-2044 |
| rubyonrails — ruby_on_rails | Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application’s unrestricted use of the render method and providing a .. (dot dot) in a pathname. | 2016-02-15 | 5 | CVE-2016-0752 |
| rubyonrails — ruby_on_rails | Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters. | 2016-02-15 | 5 | CVE-2016-0753 |
| rubyonrails — html_sanitizer | Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes. | 2016-02-15 | 4.3 | CVE-2015-7578 |
| rubyonrails — html_sanitizer | Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class. | 2016-02-15 | 4.3 | CVE-2015-7579 |
| rubyonrails — html_sanitizer | Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node. | 2016-02-15 | 4.3 | CVE-2015-7580 |
| sap — netweaver | The Universal Worklist Configuration in SAP NetWeaver 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. | 2016-02-16 | 5 | CVE-2016-2388 |
| sap — netweaver | Cross-site scripting (XSS) vulnerability in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SAP Security Note 2220571. | 2016-02-16 | 4.3 | CVE-2016-2387 |
| sophos — unified_threat_management_software | Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 2016-02-17 | 4.3 | CVE-2016-2046 |
| symantec — encryption_management_server | Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. | 2016-02-18 | 6.3 | CVE-2015-8150 |
| symantec — encryption_management_server | Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. | 2016-02-18 | 5.8 | CVE-2015-8151 |
| symantec — encryption_management_server | The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. | 2016-02-18 | 5 | CVE-2015-8148 |
| symantec — encryption_management_server | The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. | 2016-02-18 | 5 | CVE-2015-8149 |
| xen — xen | Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings. | 2016-02-19 | 4.6 | CVE-2016-2270 |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| linecorp — line | LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. | 2016-02-19 | 3.5 | CVE-2016-1156 |
| phpmyadmin — phpmyadmin | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) search query, or (4) hostname in a Location header. | 2016-02-19 | 3.5 | CVE-2016-2040 |
| phpmyadmin — phpmyadmin | Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page. | 2016-02-19 | 3.5 | CVE-2016-2043 |
| phpmyadmin — phpmyadmin | Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response. | 2016-02-19 | 3.5 | CVE-2016-2045 |
| comcast — xfinity_home_security_system | Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions. | 2016-02-17 | 3.3 | CVE-2016-2398 |
| cybozu — office | Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified vectors, a different vulnerability than CVE-2015-8488. | 2016-02-16 | 2.6 | CVE-2015-8487 |
| hp — hp-ux_ipfilter | HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets. | 2016-02-18 | 2.6 | CVE-2016-1987 |
| Xen — VMX | VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP. | 2016-02-19 | 2.1 | CVE-2016-2271 |
Severity Not Yet Assigned
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| Advantech — B+B SmartWorx VESP211-EU | The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via modified JavaScript code. | 2016-02-21 | N/A | CVE-2016-2275 |
| Belden — Hirschmann Classic Platform switches | The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E, L2P, L3E, and L3P before 09.0.06 sets an SNMP community to the same string as the administrator password, which allows remote attackers to obtain sensitive information by sniffing the network. | 2016-02-18 | N/A | CVE-2016-2509 |
| Cisco — IOS | Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878. | 2016-02-17 | N/A | CVE-2016-1333 |
| Cisco — Small Business 500 Wireless Access Point | Cisco Small Business 500 Wireless Access Point devices with firmware 1.0.4.4 allow remote attackers to set the system time via a crafted POST request, aka Bug ID CSCuy01457. | 2016-02-17 | N/A | CVE-2016-1334 |
| Cisco — StarOS | The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator’s connection, aka Bug ID CSCux22492. | 2016-02-19 | N/A | CVE-2016-1335 |
| Citrix — NetScaler Application Delivery Controller | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands. | 2016-02-17 | N/A | CVE-2016-2071 |
| Citrix — NetScaler Application Delivery Controller | The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 2016-02-17 | N/A | CVE-2016-2072 |
| Dell — SonicWALL GMS | The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data. | 2016-02-17 | N/A | CVE-2016-2397 |
| IBM — Financial Transaction Manager | IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading README files. | 2016-02-15 | N/A | CVE-2016-0232 |
| nginx — resolver | Use-after-free vulnerability in the resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | 2016-02-15 | N/A | CVE-2016-0746 |
| nginx — resolver | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | 2016-02-15 | N/A | CVE-2016-0747 |
| Novell — ZENworks Configuration Management | The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference. | 2016-02-18 | N/A | CVE-2015-5970 |
| PostgreSQL — PostgreSQL | PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. | 2016-02-17 | N/A | CVE-2016-0773 |
| Ruby on Rail — Basic Authentication implementation | The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to bypass authentication by measuring timing differences. | 2016-02-15 | N/A | CVE-2015-7576 |
| Ruby on Rails — Active Record | activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote attackers to bypass intended change restrictions by leveraging use of the nested attributes feature. | 2016-02-15 | N/A | CVE-2015-7577 |
| Ruby on Rails — Action Pack | actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application’s use of a wildcard controller route. | 2016-02-15 | N/A | CVE-2015-7581 |
| Ruby on Rails — Action Pack | actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header. | 2016-02-15 | N/A | CVE-2016-0751 |
| Swann — SRNVW-470LCD | Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL. | 2016-02-18 | N/A | CVE-2015-8287 |
| VMware — vSphere GUI | The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware (aka Spectrum Protect Snapshot) 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.4 allows remote attackers to obtain administrative privileges via a crafted URL that triggers back-end function execution. | 2016-02-21 | N/A | CVE-2015-7425 |
This product is provided subject to this Notification and this Privacy & Use policy.